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PATENT 

ATTORNEY DOCKET NO: 06105/002001 

DIGITAL ACTIVE ADVERTISING 
BACKGROUND OF THE INVENTION 
The recent rapid growth of information applications 
on international public packet-switched computer networks 
such as the Internet suggests that public computer networks 
have the potential to establish a new kind of open 
marketplace for goods and services. Such a marketplace 
could be created with a network sales system that comprises 
a plurality of buyer and merchant computers, means for the 
users of the buyer computers to display digital 
advertisements from the merchant computers, and means for 
the users to purchase products described by the 
advertisements . 

A network based sales system will need to allow 
users to preview products at little or no cost, and will 
need to make a large number of product advertisements 
available in a convenient manner. In addition, the shopping 
system will need to include easy-to-use facilities for a 
user to purchase desired products using a merchant 
independent payment method. In addition the network sales 
will need to allow new buyers and merchants to enter the 
market. 

A central requirement for a marketplace is a payment 
mechanism, but at present no merchant independent payment 



mechanism is available for computer networks that permits 
users to utilize conventional financial instruments such as 
credit. cards , debit cards, and demand deposit account 
balances. We expect that both retail payment and wholesale 
5 payment mechanisms will be required for networks, with 
consiimers using the retail mechanism for modest size 
purchases, and institutions using the wholesale mechanism 
for performing settlement between trading partners. For 
wide acceptance the retail mechanism will need to be a 

10 logical evolution of existing credit-card, debit-card, and 
Automated Clearing House facilities, while for acceptance 
the wholesale mechanism will need to be an evolved version 
of corporate electronic funds transfer. 

These problems of have been approached in the past 

15 by network based sales systems wherein, for example, each 
merchant maintains an account for each user. A user must 
establish an account with each merchant in advance in order 
to be able to utilize the merchant. The prior art network 
based sales systems are not designed to allow users to use 

20 their existing credit card and demand deposit accounts for 
payment, nor are they designed to allow for programs to be 
included in digital advertisements. 

According, therefore, it is a primary objective of 
this invention to provide a user interactive network sales 

25 system in which the user can freely use any merchant of 
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choice and utilize existing financial instruments for 
payment. Other objects include a network sales system which 
provides a high-quality user interface, which provides users 
with a wide variety and large volume of advertisements, 
5 which is easily extensible to new services, and which is 
easily expanded to new applications within the existing 
infrastructure of the system. 

Still other objects of the invention are to provide 
a network payment system that will authorize payment orders 

10 and remove part of the risk of fraud from merchants. 

An unavoidable property of public computer networks 
is that they are comprised of switching, transmission, and 
host computer components controlled by many individuals and 
organizations. Thus it is impossible for a network payment 

15 system to depend upon a specified minimum required degree of 
software, hardware, and physical security for all of the 
components in a public network. For example, secret keys 
stored in a given user's personal computer can be 
compromised, switches can be tampered with to redirect 

20 traffic, and transmission facilities can be intercepted and 
manipulated. 

The risk of performing retail payment in a public 
network is compounded by statutes that make a payment system 
operator in part liable for the security lapses of its 
25 users. Existing Federal statutes in the United States, 
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including the Electronic Funds Transfer Act and the Consumer 
Credit Protection Act, require the operator of a payment 
mechanism to limit consumer liability in many cases. 
Payment system operators may have other fiduciary 
responsibilities for wholesale transactions. Similar 
responsibilities exist in other countries for retail and 
wholesale transactions. 

In existing credit card payment systems, a credit 
card's issuing bank takes on the fraud risk associated with 
misuse of the card when a merchant follows established card 
acceptance protocols. Acceptance protocols can include 
verifying a card holder's signature on the back of their 
card and obtaining authorization for payments over a certain 
value. However, in network based commerce a merchant can 
not physically examine a purchasers credit card, and thus 
the fraud risk may revert to the merchant in so called "card 
not present" transactions. Many merchants can not qualify 
to take this risk because of their limited financial 
resources. Thus the invention is important to allow many 
merchants to participate in network based commerce. 

Other objects of the invention include utilizing 
existing financial instruments such as credit cards, debit 
cards, and demand deposit accounts for merchant payments. 

Existing network payment systems do not connect to 
the financial system for authorization and are not 



compatible with conventional financial instruments. 
Existing network payment systems include the Simple Network 
Payment Protocol [Dukach, S., SNPP: A Simple Network Payment 
Protocol, MIT Laboratory for Computer Science, Cambridge, 
5 MA, 1993.], Sirbu's Internet Billing Server [Sirbu, M. A., 
Internet Billing Service Design and Prototype 
Implementation, Information Networking Program, Carnegie- 
Mellon University, 1993], and NetCash [Medvinsy, G. , and 
Newman, B. C. , NetCash: A Design for Practical Electronic 

10 Currency on the Internet, Proc. 1st ACM Conf. on Comp. and 
Comm. Security, November, 1993]. 

A further object of the invention is to allow users 
in an untrusted network environment to use conventional 
financial instruments without requiring modification to 

15 existing financial system networks. 

The following definitions apply to the present 
invention. A principal is a person, company, institution, 
or other entity that is authorized to transact business as 
part of a network payment system. A payment order describes 

20 the identity of a sender, a payment amount, a beneficiary, 
and a sender unique once. A sender is a principal making 
a payment. A beneficiary is a principal to be paid by the 
payment system. A sender unique nonce is an identifier that 
is used only once by a given sender. An example of sender 

25 unique nonces are unique timestamps. An external account is 
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an account that can be used to settle a payment order for 
either a sender or a beneficiary in the external financial 
system. Examples of external accounts include demand 
deposit accounts and credit card accounts. An external 
5 device is a physical object that is kept in the possession 
of a user for the purpose of identifying the user. 

A network payment system is a service that 
authorizes and executes digital payment orders that are 
backed by external accounts. A payment system authenticates 
Q 10 a payment order, checks for sufficient funds or credit, and 
then originates funds transfer transactions to carry out the 
payment order. A payment system acknowledges acceptance or 
rejection of a payment order. More than one payment 
H system may exist on a given network, and a given payment 

15 system may operate on more than one host to increase its 
reliability, availability, and performance. An 
authenticator is a digital value that is appended to a 
payment order and becomes part of the payment order that 
authenticates the payment order as genuine. 
20 SUMMARY OF THE INVENTION 

The invention relates to a network sales system for 
enabling users to purchase products using a plurality of 
buyer computers that communicate over a network with a 
plurality of merchant computers. Each merchant computer 
25 has a database of digital advertisements. Each digital 
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advertisement includes a price and a product abstract. 
Buyer computers request, display, and respond to digital 
advertisements from merchant computers. Users can purchase 
products with their buyer computers after they have 
specified an account to pay for the purchase. A network 
payment service is used to authorize the purchase before 
merchant fulfillment is performed. 

In a particular aspect of the invention, the merchant 
computer can request account information when it is not 
provided by the buyer computer. In another aspect of the 
invention, the buyer computer can present to a merchant a 
pre -authorized payment order that is obtained from a network 
payment system. 

In another aspect of the invention, an electronic 
sales system contains digital advertisements that include 
programs. The programs are executed on behalf of a user by 
a buyer computer, and can lead to a purchase request 
directed to a merchant computer that performs product 
fulfillment. 

In another aspect of the invention a network payment 
system executes payment orders. A payment order includes a 
sender, a beneficiary, a payment amount, and a nonce 
identifier • A payment order is signed by a client computer 
with an authenticator that is checked by the payment system. 
Payment orders are backed by accounts in the banking 



system, and are authorized by the network payment system by 
sending messages into a financial authorization network that 
knows the status of these accounts. The payment system 
accomplishes settlement by sending messages into an existing 
financial system network. 

In another aspect, payment orders are authenticated 
based on the delivery address they specify. In another 
aspect, the payment system will specify in its authorization 
legal delivery addresses. In another aspect, authenticators 
for payment orders are based on one-time transaction 
identifiers that are known only to the user and the payment 
system. In another aspect, payment orders for a given 
sender are only accepted from certain client computer 
network addresses. In another aspect, the network payment 
system sends messages into a financial authorization system 
in real-time before the network payment system will 
authorize a payment order. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Other objects, features, and advantages of the 
invention will appear from the following description taken 
together with the drawings in which: 

Figure 1 is a block diagram of a typical network 
sales system in accordance with the invention; 

Figure 2 is a screen snapshot of a buyer computer 
display of an overview page from a merchant computer; 



Figure 3 is a screen snapshot of a buyer computer 
display of a page of digital advertisements from a merchant 
computer ; 

Figure 4 is a screen snapshot of a buyer computer 
5 display of an account query page; 

Figure 5 is a screen snapshot of a buyer computer 
display of a fulfillment page; 

Figure 6 is a flow chart illustrating the processing 
of a sale between a buyer computer and a merchant computer; 
^..^ 10 Figure 7 is a flow chart illustrating the alternate 

r'i processing of payment order means for obtaining missing 

payment information; 

Figure 8 is a screen snapshot of a buyer computer 
display of an overview page from a merchant computer that 
U 15 contains a query input by the user; 

Figure 9 is a screen snapshot of a buyer computer 
S display of digital advertisements in response to a user's 

query; 

Figure 10 is a screen snapshot of a buyer computer 
20 screen of a purchase confirmation; 

Figure 11 is a screen snapshot of a buyer display of 
a fulfillment page like Figure 5; 

Figure 12 is a flow chart illustrating an alternate 
processing of a sale between a buyer computer and a merchant 
25 computer where a payment order is pre-authorized; 
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Figure 13 is a block diagram of a typical network 
payment system in accordance with the invention; 

Figure 14 is a flow chart illustrating the 
authentication, authorization, and settlement of a payment 
order ; 

Figure 15 is a flow chart illustrating an alternate 
processing of the authentication and verification of a 
payment order where transaction identifiers are used; and 

Figure 16 is a flow chart illustrating an alternate 
processing of the authorization of a payment order where 
real-time approval from the financial authorization network 
may not be obtained. 

DESCRIPTION OF A PARTICULAR PREFERRED EMBODIMENT 

A network sales system 200 as shown in Figure 1 
employs a network 67 to interconnect a plurality of buyer 
computers 61 and 62, merchant computers 63 and 64, each 
merchant computer with respective digital advertisement 
databases 65 and 66, and a payment computer 68. A user of 
the system employs a buyer computer to retrieve 
advertisements from the merchant computers, and to purchase 
goods of interest. A payment computer is used to authorize 
a purchase transaction. 

A digital advertisement includes a product 
description and a price. In digital advertisement database 



65 prices and descriptions may be stored separately, and one 
price may apply to many product descriptions* 

In an alternate embodiment, the network sales system 
further includes external devices that are kept in the 
possession of users so that the users can authenticate 
themselves when they use a buyer computer - 

The software architecture underlying the particular 
preferred embodiment is based upon the hypertext conventions 
of the World Wide Web. Appendix A describes the Hypertext 
Markup Language (HTML) document format used to represent 
digital advertisements, Appendix B describes the HTML forms 
fill out support in Mosaic 2.0, Appendix C is a description 
of the Hypertext Transfer Protocol (HTTP) between buyer and 
merchant computers, and Appendix D describes how documents 
are named with Uniform Resource Locators (URLs) in the 
network of computers. A document is defined to be any type 
of digital data broadly construed, such as multimedia 
documents that include text, audio, and video, and documents 
that contain programs. 

Figure 2 shows an overview screen that has been 
retrieved from a merchant computer by a buyer computer and 
displayed by the buyer computer. It includes links 1, 2, 
and 3 that when activated by a user cause the buyer's 
computer to take specified actions. In the case of link 1, 
the document shown in Figure 3 is retrieved from a merchant 
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computer and displayed. In the case of link 2, a short 
audio segment is retrieved from a merchant computer and 
played. In the case of link 3 , the query that can be 
entered into the query dialog box 4 is sent to a merchant 
computer, and a document is retrieved from the merchant 
computer and displayed • 

Figure 3 shows a document that contains three 
digital advertisements. The digital advertisements have 
been retrieved from the merchant computer after the 
activation of link 3. The merchant computer may set the 
prices contained in the advertisements based on the on the 
identity of the user as determined, for example, by the 
network address of the requesting buyer computer. The 
document includes links 5, 6, and 7 that are used to 
purchase the products described by the advertisements. For 
example, if link 5 is activated the missing payment 
information document shown in Figure 4 is retrieved from the 
merchant computer and displayed. 

Figure 4 is a missing payment information document 
that is used to gather user account information for the 
requested purchase in an HTML form. Radio buttons 8, 9, 10, 
11, 12 are used to select a means of payment, dialog box 13 
is used to enter an account number, dialog box 14 is used to 
enter an optional authenticator for the account, purchase 
button 15 is used to send the account information to the 
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merchant computer and proceed with the purchase, link 16 is 
used to abort the purchase and return to the document shown 
in Figure 2, and dialog box 17 is used to enter optional 
user information that is associated with the purchase and 
5 ultimately used by a financial institution as part of a 

textual billing identifier for the purchase transaction. If 
provided, this additional information is included in the 
payment order for the purchase. 

Figure 5 is a fulfillment document 18 that is 

10 produced once valid account information is provided to the 
missing payment information document in Figure 4 and 
purchase button 15 is activated. 

Figure 6 is a flowchart that more fully describes 
the information flow in the purchase transaction shown in 

15 Figures 2 to 5. An initial user inquiry 19 from activating 
link 1 results in the HTTP request 20 for a specific 
document with a specified URL. The URL specifies the name 
of the merchant computer. The merchant computer retrieves 
the document given the URL at 21, and returns it to the 

20 buyer computer at 22. The buyer computer displays the 

resulting HTML document at 23. When the user activates link 
5, an HTTP request 25 is sent to the merchant computer 
requesting the document. 

In an alternate embodiment, document 22 is executed 

25 at 23 as a program. A program is defined as a set of 
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instructions that can exhibit conditional behavior based 
upon user actions or the environment of the buyer computer • 
As is known to those skilled in the art, there are many 
techniques for representing programs as data. The program 
can be interpreted or it can be directly executed by the 
buyer computer. The program when executed will cause the 
buyer computer to interact with the user leading to the user 
purchase request 24, and the purchase message 25. 

The merchant computer then attempts to construct a 
payment order at 2 6 using the information it has gathered 
about the user. The buyer computer may have previously 
supplied certain credentials using fill out forms or other 
account identification means such as providing the network 
address of the buyer computer in the normal course of 
communication. If the buyer computer is able to construct a 
complete payment order at 26 the payment order is sent to a 
payment computer for authorization at 27. If a payment 
order can be constructed, processing continues at 28. 

Alternatively, the buyer computer may construct the 
payment order at 24 and send it to the merchant computer at 
25. In this case, the payment order assembly steps at 26, 
at the merchant computer, may only need to forward the 
payment order from the buyer computer. 

A payment order includes user account information, 
merchant account information, an amount, and a nonce 



identifier that has not been previously used for the same 
user account. Variations of payment orders can be 
constructed, including payment orders that specify user or 
merchant identifiers in place of account information, 
payment orders that specify a valid time period, payment 
orders that specify foreign currencies, and payment orders 
that include comment strings. Part of the process of 
constructing a payment order is creating a corresponding 
authenticator using one of the authenticator methods 
described below. 

In the illustrated embodiment of Figures 3 and 4, 
the merchant computer does not have sufficient information 
to construct a payment order at 2 6 and thus at 3 3 (Figure 7) 
constructs and returns a missing payment information 
document in response to request 25. Operation 33 includes 
in the constructed document appropriate form fields based on 
what information the merchant computer has already collected 
from the user. The document is returned to the buyer 
computer at 34 and is displayed at 35. When the user 
presses the purchase button 15, the contents of the form are 
transmitted to the merchant computer, at 36, to a specific 
URL name, using an HTTP request. Based on the supplied form 
fields, the merchant computer constructs a complete payment 
order. Alternatively, the buyer computer may construct the 
payment order at 35 and send it to the merchant computer as 
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part of step 36. In this case, the payment order assembly 
steps 37 at the merchant computer simply passes on the 
payment order from the buyer computer. The payment order is 
sent to the payment computer in a message at 38. 

In either case, the flowchart continues in Figure 6 
where the payment computer checks the authorization of the 
payment order at 28. If the payment system authorizes the 
request, an authorization message at 29 is returned to the 
buyer computer, and the merchant computer checks at 3 0 that 
the authorization message came from the payment computer 
using the authenticator mechanism described below. Assuming 
that the authorization message is valid, the merchant 
computer performs fulfillment at 30, returning the purchased 
product in response at 31. In our example in Figure 5 the 
response at 31 is document 18 that was the logical target of 
link 5. If the payment system does not authorize the 
payment order then response 31 is a rejection of the user's 
purchase request. 

In an alternate embodiment, step 3 0 can encrypt the 
document using a key that is known to the buyer computer. 
As is known to those skilled in the art, the key can be 
communicated to the merchant computer using convention key 
distribution protocols. In this manner the document will be 
protected from disclosure to other users. 
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The fulfillment step at 3 0 can alternatively 
schedule a physical product to be shipped via ordinary mail 
or other means. This can be accomplished by updating a 
fulfillment request database or by sending a message to a 
5 shipping system. In this case the response at 31 is a 

confirmation that the product has been scheduled to ship. 
In this way the network sales system can implement an 
electronic mail order system. 

Figures 8^ 9, 10^ and 11 show a second example that 
10 uses query based access to digital advertisements. It is 
J^; assximed that the previous example was used by the user 

immediately before at the same buyer computer. 
U1 Figure 8 shows the overview screen where the query 

H "movie review" has been entered into dialog box 39. When 

15 the user activates process button 40, the merchant searches 
databases as described by the URL attached to button 40, and 
S creates a response document as shown in Figure 9. 

^ Figure 9 shows digital advertisements 39, 40, 41, 

42, 43, and 44 that were found in response to the query 
20 initiated by button 40. A scroll bar 45 shows that there are 
additional digital advertisements that are not shown. When 
link 46 is activated, the missing account information 
document shown in Figure 10 is returned by the merchant 
computer. 
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Figure 10 shows that the merchant computer has 
partial information on the buyer's account • Message 47 
shows that the merchant computer already knows the buyer's 
account number. Purchase button 48 will send the optional 
user reference string in dialog box 50 to the merchant 
computer described by the URL behind button 48 and purchase 
the product corresponding to digital advertisement 39. 
Cancel link 49 will return the user to the document shown in 
Figure 2. 

When purchase button 4 8 is activated, a document 51 
is sent by the merchant computer and displayed by the buyer 
computer as shown in Figure 11 • 

Figure 12 shows an alternative method of processing 
a sales transaction. In this method when the user requests 
a purchase at 52, the buyer computer constructs a payment 
order at 53 and sends it for approval to the payment 
computer at 54. The payment computer authorizes the payment 
order at 55; and when the payment order is authorized, 
returns an unforgable certificate at 56 that the payment 
order is valid. Means of creating such unforgable 
certificates are described in authenticator method number 
one below. If at step 55 the payment order is not 
authorized, a rejection message is sent at 56 and the sales 
transaction is terminated. 
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The buyer computer then proceeds at 57 to send a 
pre-authorized purchase request to the merchant coinputer. 
The unforgable certificate 5 6 is included in a purchase 
message at 57 that is sent at 58 to the merchant computer. 
5 Based upon the pre-authorized payment order the merchant 
computer performs fulfillment at 59 and returns the product 
at 60. In a variation, the merchant computer at 59 checks 
to ensure the payment order has not been previously used. 
This can be accomplished by checking with a payment computer 
10 or maintaining a merchant computer database of previously 

accepted payment orders. The unforgable certificate created 
at step 56 does not need to include the user account 
information. This variation is useful if the user wishes to 
make purchases and remain anonymous to the merchant. 

15 A Network Payment System 

A network payment system 3 00 as shown in Figure 13, 
employs a public packet-switched network 69 to interconnect 
a plurality of client computers 70 and 71, and a plurality 
of payment computers such as 72, each payment computer 

20 having an account database 73, a settlement database 74, an 
authorized address database 75, a sender credential database 
76, a financial system interface 77, and a real-time 
authorization interface 78. The interfaces 77 and 78 may be 
implemented by a single communications line. 
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In an alternate embodiment, the network payment 
system further includes external devices that are kept in 
the possession of users so that the users can authenticate 
themselves when they use a buyer computer. 

Account database 73 maintains temporal spending 
amounts, such as the amount spent in the current day, and 
also maintains temporal spending limits. The account 
database may also maintain a translation between principal 
identifiers and external account identifiers • Settlement 
database 74 records committed payment orders along with any 
authorization information for the orders that was obtained 
from interface 78. Address database 75 maintains for each 
sender a list of authorized buyer computer and delivery 
addresses. Credential database 76 maintains a list of 
credentials for principals and information that can be used 
to authenticate principals. 

Figure 14 is a flowchart that describes the 
operation of the payment system. A client computer 71 
constructs a payment order at 79, and computes and adds an 
authenticator to the payment order at 80. The payment order 
is sent at 81 to a payment computer, where the authenticator 
is verified at 82 to ensure that the payment order was 
originated by the sender it describes. Below we present 
different means of implementing 80 and 82. 



If the payment order is authentic and address 
restrictions are desired, at 83, either or both of the 
client computer address or the specified delivery address 
can be checked against address database 75. If address 
5 restrictions are desired and if the addresses in the payment 
order are not in the database, the payment computer sends a 
rejection message to the client computer. Address 
database 75 specifies, for each principal, acceptable client 
computer addresses and delivery addresses • A delivery 

10 address can be a network address, or a street address for 
packaged goods. As is known in the art, database 75 can 
include wild-card specifications and similar techniques to 
reduce its size. For example, database 75 could contain 
an entry for principal identifier "*@acme.com" restricting 

15 legal delivery addresses to "computer: *.com", "computer: 
cmu.edu", and "surface: *, 34 Main Street, Anytown, USA", 
indicating that any user at the company Acme can order 
products to be delivered to the network address at Acme or 
the university CMU, or to anyone at 3 4 Main Street, Anytown, 

20 USA. 

If payment order address restrictions are not 
desired or have been checked, processing continues at 84 
where the payment order is checked for replay and temporal 
spending limits. Replay is checked for by making sure that 
25 the sender did not previously present a payment order with 

- 21 - 



the same nonce by checking an index of coirmiitted payment 
orders by nonce in settlement database 74. If nonces are 
based on time, then a payment order that is older than an 
administratively determined value can be rejected out of 
5 hand* Time based nonces or sequential nonces permit old 
nonces to be removed from the settlement database 74. If a 
payment order has been previously processed or its nonce is 
too old, the payment order computer sends a rejection 
message to the client. 

10 After the payment order passes the replay check, 

temporal spending limits are checked in account database 73. 
These spending limits can be applied on a per sender, per 
group of senders, and per payment system basis to limit 
fraud risk. The limits can be applied to any duration of 

15 time^ for example a maximum spending amount per hour or per 
day. If the payment order would violate a spending limit, 
the payment computer sends a rejection message to the 
client. 

Once the payment order passes the temporal spending 
20 check at 84, a message is constructed at 85 to check that 
the external account that backs the sender's payment system 
account has adequate funds or credit. If the sender 
identifier in the payment order is not already an account 
number in the external financial system, it is translated 
25 into a corresponding account number in the external 
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financial system using account database 73. A real-time 
authorization request message is sent at 86 to the external 
financial system over interface 78. If the external 
financial system approves authorization request 86, an 
authorization message is returned at 87. If request 86 is 
not approved, the payment computer sends a rejection message 
to the client at 87. 

In a variation of the above described approach, 
processing continues at 95 after 84. At 95 real-time 
authorization is only obtained when the total of a sender's 
payments since the last real-time authorization reaches a 
preset value, or the payment order is over a preset amount. 
These preset values can be optionally recorded on a per 
principal basis in database 73 or can be administratively 
determined for all principals. In this manner, the number 
of messages to the external financial system can be reduced. 
In addition, the payment system can avoid making real-time 
authorization requests for small payments when the risk is 
acceptable to the payment system operator. If real-time 
authorization is necessary, processing continues at 85 after 
95. If real-time authorization is not necessary for a 
request, at 100 the payment order amount is added to the 
sender's total of payments since the last real-time 
authorization in database 73, and processing continues at 
88. 



In another variation after 100 a check is made at 
101 in database 73 to see if a background authorization 
process should be scheduled. A background authorization 
process permits the payment computer to continue its normal 
processing while it checks with the financial authorization 
network on the sender's account. This mechanism can be used 
to limit payment system risk. If the background 
authorization fails, the account is suspended by so updating 
database 73. If the sender's total of payments since last 
authorization is over a preset value stored in 7 3 then a 
background authorization process is scheduled at 102. 
Otherwise processing continues at 88. 

In another variation, at 95 and 101 authorizations 
are obtained based on the amount spent since last 
authorization and time since last authorization. 

At 88 the payment order is committed to execution 
and is recorded in settlement database 74. Recorded with 
the payment order in database 74 are portions of 
authentication message 87 that show that the payment 
computer contacted the remote financial system. The amount 
of the payment order is added to running temporal spending 
records in database 73, and an authorization message is sent 
to the client computer at 90. The authorization message 
includes the payment order. In an alternate embodiment, at 
90 the authorization message contains a truncated payment 



order that includes at least the payment order's sender and 
the payment order's unique nonce* 

In an alternate embodiment, the authorization 
message sent to the client at 90 includes at least one legal 
delivery addresses for the sender as determined from 
database 75 • 

Authorization message 9 0 must be transmitted in such 
a way that the client computer can be sure that it came from 
the payment computer. At 89 a payment system specific 
authenticator is added payment order. At 91 this 
authenticator is checked by the client computer. The steps 
at 89 are a dual of step 80, and the steps at 91 are a dual 
of step 82. The authentication means for steps 89 and 91 
are described below. 

Finally, settlement is performed at 92 in the 
external financial system 77 between external accounts that 
correspond to the sender and the beneficiary. If settlement 
is accomplished as part of real-time authorization at steps 
86 and 87, as may occur in a real-time debit network, then 
no other steps need to be taken. If settlement is not 
accomplished as part of the authorization process, then 
financial system messages are sent to interface 77 to effect 
settlement. Depending on the external accounts involved, 
these messages may include electronic funds transfer 
messages or automated clearinghouse messages. 



In an alternate embodiment, at 92 settlement 
messages are sent to reconcile net transfer balances between 
principles on a temporal basis, for example once a day. In 
this embodiment the number of settlement messages can be 
5 less than the number of payment orders. 

Authenticators may be created and checked using one 
of the following methods. The payment computer can use any 
of the first four methods, and the client computer can use 
any of the methods described. 

10 In a first method for authenticators, at steps 80 or 

89, a digest of the payment order is signed by the sending 
computer using a public-key cryptographic system such as 
RSA. This signature is used as the authenticator • As is 
well known in the art, the signing can be accomplished using 

15 a private key created from a public-key pair, where the 
signing key is only known by the signer, and the other 
public key is known to the receiving computer. At the 
payment computer the public key corresponding to each sender 
is kept in credential database 76. The private key for the 

20 payment service is also kept in database 76. At steps 82 or 
91, the signature of the received message is checked using 
the public key known to the receiving computer. 

In a second method for authenticators, at steps 80 
or 89, a digest of the payment order is signed by the 

25 sending computer with a private key cryptosystem such as 
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DES. This signature is used as the authenticator . At the 
payment computer, the private key corresponding to each 
sender. is kept in credential database 76. At step 80, a 
digest of the payment order is signed by the client 
5 computer, and at step 89 a digest of the payment order with 
an added approval code is signed by the payment computer 
using the same private key. At steps 82 or 91, the 
signature of the received message is checked using the 
shared private key. 

10 In a third method for authenticators, at step 80 the 

authenticator is computed by a protected device external to 
the system such as a Smart-Card. A protected device is 
specifically designed to be extremely difficult both to 
replicate and to compromise. In this method, the payment 

15 order is communicated at 80 to a Smart-Card. The Smart-Card 
computes and signs a digest of the payment order, and then 
communicates the signature back at 80 to be used as an 
authenticator. A Smart-Card produced authenticator uniquely 
associates a payment order with its creating Smart-Card. 

20 This is accomplished by having the Smart-Card contain a 

secret key "K" that is used to create a digital signature of 
the payment order. "K" is never released outside of the 
Smart-card. The Smart-Card is designed to make it 
computationally infeasible to compute "K" even with 

25 possession of the device. In this method, at step 82, a 
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signature checking key from database 7 6 is used to check the 
authenticator. In an alternate embodiment, a user must 
manually signal their acceptance of each payment order on an 
input device that is part of the external device before the 
authenticator is created by the external device. 

In a fourth method for authenticators, at steps 80 
or 89, a network address is used as an authenticator. At 
steps 82 or 91, a digest of the payment order is sent back 
to the specified network address along with a random 
password. The computer at the specified network address 
must then return the payment order digest along with the 
password. If the network guarantees to deliver messages to 
the proper network address, this method will guarantee that 
the user or computer at the specified network address 
approves of the payment order. Assuming that network 
delivery is trusted, this method can be used to authenticate 
a sender computer's network address in a payment order. 
Alternatively, electronic mail can be used to send such 
confirmation messages between a user and the payment system. 

In a fifth method for authenticators, at step 80, 
the authenticator is produced by an external device that 
produces a sequence of non-predicable transaction 
identifiers that are device specific. The authenticator is 
entered by the user into the client computer by reading its 



display. One such device is described in U.S. Patent 
4^856,062. According to this method, at step 91, the 
authenticator can be checked using the sender specific fixed 
code of the device which is kept in database 76. This 
5 sequence of steps is also shown in Figure 15 at steps 93 and 
94. 

In a sixth method for authenticators, at step 80, 
the authenticator is obtained by querying the user for a 
transaction identifier that is the next string from a 

10 physical list of one-time authorization strings. Such as 

list could be produced on a card, and the user can cross off 
authorization strings as they are used. According to this 
method, at step 91, the authenticator is checked against the 
next expected string from the sender using database 76. 

15 Database 76 can hold for each sender a list of random 

authorization strings, or can hold a sender specific secret 
key that was used to generate the list of authentication 
strings along with how many strings have been used so far. 
This sequence of steps is also shown in Figure 15 at 93 and 

20 94. 

In a seventh method for authenticators, at step 80 
the authenticator is a previously obtained personal 
identification number (PIN) for the user. In this method in 
91 the authenticator is checked against the expected PIN for 
25 the sender using database 76. 



As will be obvious to one skilled in the art, any of 
the methods for creating authenticators can be used together 
to increase system security. For example, authenticator 
method six can be used to create an authenticator based on a 
5 transaction identifier, and then a payment order including a 
transaction identifier can be given a further authenticator 
using authenticator method one. In this example the 
resulting authenticators would be checked with their 
respective methods, 

10 A digest of a payment order can be created with an 

algorithm such as MD5 [R. Rivest, The MD5 Message-Digest 
Algorithm, MIT Laboratory for Computer Science, Network 
Working Group Request for Comments 1321]. Alternatively, a 
digest can be the entire payment order or other functions of 

15 the payment order's component parts. 

In addition in both the sales and payment systems 
alternate authenticator techniques can be used such as those 
described by Voydock and Kent in "Security Mechanisms in 
High-level Network Protocols", Computing Surveys Vol. 15, 

20 No. 2, June 1983. As will be appreciated by those skilled 
in the art, two-way authenticated byte-stream or remote 
procedure call interface connections that protect against 
replay can replace our message based authenticators. 

Additions, subtractions, deletions, and other 

25 modifications of the described embodiment will be apparent 
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to those practiced in the art and are within the scope of 
the following claims. 
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What is claimed is: 



1 , 1. A network sales system comprising 

2 a plurality of buyer computers and at least one 

3 merchant computer interconnected by a communications 

4 network, 

5 means at each merchant computer for maintaining and 

6 providing a database of digital advertisements comprising 

7 means for storing said digital advertisements, each 

8 digital advertisement including a product abstract, 

9 means for communicating a digital advertisement to a 

10 buyer computer over said network in response to a network 

11 request from said buyer computer, 

12 means at each buyer computer for requesting, 

13 displaying, and responding to digital advertisements 

14 comprising 

15 means responsive to a user inquiry for selecting a 

16 merchant computer and obtaining a digital advertisement for 

17 a product from said database of advertisements at said 

18 merchant computer, 

19 display means for displaying said advertisement, 

20 purchase means responsive to a user request for 

21 communicating a purchase message to said merchant computer, 

22 account identification means for transmitting the 

23 user's account information to said merchant computer, 
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24 means, at said merchant computer, comprising 

25 authorization means to authorize said purchase 

2 6 message by sending messages into a financial system network, 

27 fulfillment means to send said product to user 

28 conditional on approval of said authorization means. 

1 2. The network sales system of claim 1 further 

2 wherein said authorization means at said merchant computer 

3 comprises 

4 means for communicating a missing payment 

5 information request message to said buyer computer to obtain 

6 missing payment information, 

7 means for receiving said missing payment information 

8 from said buyer computer, 

9 means for authorizing said purchase message by 

10 sending messages into a financial system network, 

11 and said account identification means at said buyer 

12 computer comprises 

13 means responsive to said missing payment information 

14 request message to query the user for additional payment 

15 information, 

16 means to send said additional payment information to 

17 said merchant computer. 
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1 3. The network sales system of claim 1 further 

2 wherein said account identification means comprises 

3 means for assembling a payment order, 

4 means for sending said payment order to a network 

5 payment system for authorization, 

6 and wherein said authorization means comprises 

7 means for verifying that said payment order has been 

8 previously authorized by said payment system. 

1 4. An electronic sales system comprising 

2 means for storing a database of digital 

3 advertisements, each digital advertisement for a product 

4 including a program, 

5 means for communicating a digital advertisement to a 

6 buyer computer, 

7 means at said buyer computer for displaying and 

8 responding to said digital advertisement comprising 

9 display means for displaying said digital 

10 advertisement by executing a portion of said advertisement 

11 as a program and performing actions as specified by said 

12 program, 

13 purchase means responsive to a user request for 

14 communicating a purchase message to a merchant computer, 

15 means, at said merchant computer, comprising 

16 fulfillment means to send said product to user. 
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1 5. A network payment system comprising 

2 a plurality of client computers and at least one 

3 payment computer interconnected by a public packet switched 

4 communications network, 

5 means at a client computer for performing payment 

6 comprising 

7 payment specification means for constructing 

8 a payment order from a sender to a beneficiary, 

9 signing means for authenticating said payment 

10 order as originating from said sender, 

11 means for sending said payment order to a payment 

12 computer , 

13 means for receiving a payment order authorization 

14 message from said payment computer, 

15 means responsive to a payment order message at said 

16 payment computer comprising 

17 verification means for verifying that said sender 



18 originated said payment order, 

19 authorization means for sending a message into a financial 

20 authorization network to verify that said sender has 

21 adequate funds or credit and receiving an authorization in 

22 response, 

23 means for recording said payment order and 

24 authorization in a settlement database, 



- 35 - 



25 response means for sending an authorization 

26 message to said client computer, 

27 means for sending at least one message into a 

28 financial system network to transfer funds from said sender 

29 to said beneficiary. 

1 6, The network payment system of claim 5 further 

2 wherein said payment specification means comprises 

3 means for constructing a payment order, said payment 

4 order including a delivery address, 

5 and said verification means comprises 

6 means for verifying that said sender originated said . 

7 payment order and checking said delivery address against a 

8 database of allowed delivery addresses for said sender. 

1 1 . The network payment system of claim 5 further 

2 wherein said response means comprises 

3 means for determining allowed delivery addresses for 

4 said sender, 

5 means for sending an authorization message to said 

6 client computer that includes allowed delivery addresses. 

1 8. The network payment system of claim 5 further 

2 wherein said signing means comprises 
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3 means for generating the next expected transaction 

4 identifier for said sender and using it to create an 

5 authenticator , 

6 and wherein said verification means comprises 

7 means for generating the next expected transaction 

8 identifier for said sender, and 

9 means for verifying that said authenticator was 
10 created using said transaction identifier. 

1 9. The network payment system of claim 5 further 

2 wherein said signing means comprises 

3 means for generating an authenticator using an 

4 external device, 

5 and wherein said verification means comprises 

6 means for verifying that said authenticator was 

7 created using said external device. 

1 10. The network payment system of claim 5 further 

2 wherein said payment specification means comprises 

3 means for constructing a payment order from a 

4 sender, said payment order including a client computer's 

5 network address, 

6 and said verification means comprises 

7 means for verifying said payment order was 

8 constructed at said client computer's network address and 
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checking said client address against a database of allowed 
client addresses for said sender. 

11 • The network payment system of claim 5 further 
wherein said authorization means comprises 

determination means for determining the necessity 
for real-time authorization, 

means for performing real-time authorization 
conditioned on said determination means. 

12. A method for effecting sales over a network 
sales system having a plurality of buyer computers and at 
least one merchant computer interconnected by a 
communications network, encompassing the steps of 

maintaining and providing a database of digital 
advertisements at each merchant computer 

storing said digital advertisements, each digital 
advertisement including a product abstract, 

communicating a digital advertisement to a buyer 
computer over said network in response to a network request 
from said buyer computer, 

requesting, displaying, and responding at each buyer 
computer to digital advertisements comprising the steps of 

selecting in response to a user inquiry a merchant 
computer and obtaining a digital advertisement for a product 
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16 from said database of advertisements at said merchant 

17 computer, 

18 displaying said advertisement, 

19 communicating in response to a user request a 

20 purchase message to said merchant computer, 

21 transmitting the user's account information to said 

22 merchant computer, 

23 authorizing at said merchant computer said purchase 

24 message by sending messages into a financial system network, 
2 5 and 

2 6 sending said product to said user conditional on 

27 approval from said authorizing step. 

1 13. The network sales method of claim 12 further 

2 wherein said authorizing step, at said merchant computer, 

3 comprises the steps of 

4 communicating a missing payment information request 

5 message to said buyer computer to obtain missing payment 

6 information, 

7 receiving said missing payment information from said 

8 buyer computer, 

9 authorizing said purchase message by sending 

10 messages into a financial system network, 

11 and said account identification step at said buyer 

12 computer comprising the steps of 
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13 querying the user for additional payment information 

14 responsive to said missing payment information request 

15 message, 

16 and sending said additional payment information to 

17 said merchant computer. 

1 14, The network sales method of claim 12 further 

2 wherein said account identification step comprises the steps 

3 of 

4 assembling a payment order, and 

5 sending said payment order to a network payment 

6 system for authorization, 

7 and wherein said authorization step comprises the 

8 step of 

9 verifying that said payment order has been 
10 previously authorized by said payment system. 

1 15. An electronic sales method comprising the steps 

2 of 

3 storing a database of digital advertisements, each 

4 digital advertisement for a product including a program, 

5 communicating a digital advertisement to a buyer 

6 computer , 

7 displaying and responding to said digital 

8 advertisement at said buyer computer comprising the steps of 
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9 displaying said digital advertisement by executing a 

10 portion of said advertisement as a program and performing 

11 actions as specified by said program, 

12 coirununicating a purchase message in response to a user 

13 request to a merchant computer, 

14 sending at said merchant computer said product to 

15 user. 

1 16. A network payment method comprising the steps 

2 of interconnecting a plurality of client computers and at 

3 least one payment computer by a public packet switched 

4 conmunications network, 

5 performing payment at a client computer comprising 

6 the steps of 

7 constructing a payment order from a sender to a 

8 beneficiary, 

9 authenticating said payment order as originating 

10 from said sender, 

11 sending said payment order to a payment computer, 

12 and receiving a payment order authorization message 

13 from said payment computer, 

14 responding to a payment order message at said 

15 payment computer comprising the steps of 

16 verifying that said sender originated said payment 

17 order, 
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sending a message into a financial authorization 

19 network to verify that said sender has adequate funds or 

2 0 credit and receiving an authorization in response, 

21 recording said payment order and authorization in a 

22 settlement database, 

23 sending an authorization message to said client 

24 computer, 

25 and sending at least one message into a financial 

26 system network to transfer funds from said sender to said 

27 beneficiary. 

1 17. The network payment system of claim 16 further 

2 wherein said constructing step means comprises the steps of 

3 constructing a payment order, said payment order 

4 including a delivery address, 

5 and said verifying step comprises the steps of 

6 verifying that said sender originated said payment 

7 order , and 

8 checking said delivery address against a database of 

9 allowed delivery addresses for said sender. 

1 18. The network payment method of claim 16 further 

2 wherein said second sending step comprises the steps of 

3 determining allowed delivery addresses for said 

4 sender, 
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and sending an authorization message to said client 
computer that includes allowed delivery addresses. 



1 19 • The network payment method of claim 16 further 

2 wherein said authenticating step comprises the steps of 

3 generating the next expected transaction identifier 

4 for said sender and using it to create an authenticator , 

5 and wherein said verifying step comprises the steps 

6 of 

7 generating the next expected transaction identifier 

8 for said sender, 

9 and verifying that said authenticator was created 
10 using said transaction identifier* 

1 20. The network payment method of claim 16 further 

2 wherein said authentication step comprises the step of 

3 generating an authenticator using an external 

4 device, 

5 and wherein said verifying step comprises the steps 

6 of 

7 verifying that said authenticator was created using 

8 said external device. 



1 



2 



21 • The network payment method of claim 16 further 
wherein said constructing step comprises the step of 
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3 constructing a payment order from a sender, said 

4 payment order including a client computer's network address, 

5 and said verifying step means comprises the steps of 

6 verifying said payment order was constructed at said 

7 client computer's network address, 

8 and checking said client address against a database 

9 of allowed client addresses for said sender. 

1 22. The network payment method of claim 16 further 

2 wherein said second sending step comprises the steps of 

3 determining the necessity for real-time 

4 authorization, 

5 and performing real-time authorization conditioned 

6 on its determined necessity. 
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A complete system for the purchasing of goods or 
information over a computer network is presented* Merchant 
computers on the network maintain databases of digital 
advertisements that are accessed by buyer computers. In 
response to user inquiries, buyer computers retrieve and 
display digital advertisements from merchant computers. A 
digital advertisement can further include a program that is 
interpreted by a buyer's computer. The buyer computers 
include a means for a user to purchase the product described 
by a digital advertisement. If a user has not specified a 
means of payment at the time of purchase, it can be 
requested after a purchase transaction is initiated. A 
network payment system performs payment order authorization 
in a network with untrusted switching, transmission, and 
host components. Payment orders are backed by accounts in 
an external financial system network, and the payment system 
obtains account authorizations from this external network in 
real-time. Payment orders are signed with authenticators 
that can be based on any combination of a secret function of 
the payment order parameters, a single-use transaction 
identifier, or a specified network address. 
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SHUTTLE HUBBLE (Houston)- Arriving for a house call 357 miles above Earth, the 
astronauts of the space shuttle Endeavor on Saturday reached out with a 
mechanical grappling arm and easily snared the Hubble space telescope and 
prepared to treat the crippled spacecraft in five days of the most 
complex orbital repairs yet attempted. 
By John Noble Wilford 

$1.00 5 



HEALTH-ALLIANCE (Washington)- If the Clinton health plan becomes law, it will put 
a new institution into the lives of most Americans: the health alliance. Almost 
no other aspect of the plan is so little understood or so radically different 
from the status quo. By Robin Toner. 
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GAMBLING (Las Vegas)- The newest perspective on the booming national industry 
of legalized gambling is now open for business: futuristic virtual-reality 
rides to soothe the losers' souls, just up the theme park escalator from 
acres of the latest video slot machines. By Francis X. Clines. 
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TROUBLED HUBBLE SPACE TELESCOPE 
PULLED IN BY SHUTTLE FOR REPAIRS 

By JOHN NOBLE WILFORD 

The New York Times (copyright 1993 The New York Times) 

priority: Urgent 
date: 12-04-93 1712EST 
catagory: Domestic 

subject: BC SHUTTLE HUBBLE ART 

HOUSTON- Arriving for a house call at 357 miles above Earth, the astronauts 
of the space shuttle Endeavor reached out Saturday with a mechanical 
grappling arm and easily snared the Hubble telescope. 

The orbital retrieval paves the way for the shuttle's astronauts to treat 
the crippled spacecraft in five days of the most complex orbital repairs 
yet attempted. 

"Houston, Endeavorhas afirm handshake with Mr. Hubble's telescope/ Col. 
Richard D. Covey of the Air Force, the shuttle commander, radioed to 
Mission Control in Houston after the robotic arm had grasped the 1.6 
billion telescope. 

The shuttle's successful rendezvous with the orbiting telescope was the 
first major step in a mission that could be fateful to both astronomy and 
NASA 

Installing new mirrors to overcome Hubble's blurred vision will return the 
telescope to its full abilities, giving the astronomers a view almost to 
the edge of the universe. And such a highly visible success could boost 
the space agency's reputation at a time it is seeking support for building 
an international space station. 

Once the 12.5-ton telescope was securely berthed in the open cargo bay 
Saturday morning, it was ready for the astronauts to begin the first of 
their five space walks early Sunday morning. 

The schedule calls for Dr. Musgrave and Dr. Jeffrey A. Hoffman to replace 
failed gyroscopes, two electronic control units and some fuses. 
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QUERY RESULTS: movie review 



1. Dec. 2 1993 14;32 [78 lines] $1.00' 
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In "A Dangerous Women/ Debra Winger sinks deeply into the drab role of 
Martha Horgan, a sheltered innocent living in a small California town, 

2. Dec, 2 1993 14:23 [60 lines] $1.00 12 
"Deception* is a fabulously farfetched story about the string of suprises 
that leads Bessie Faro (Andie MacDowell) all over the world. 
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"Twenty Bucks" follows a $20 dollar bill from the moment it's dispensed by an 

automatic teller machine to its destruction months later. Along the way it 

passes through the hands of dozens of individuals from all walks of life. 

— 
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(■ A Perfect World," a drama, is rated PG-13 for language and violence. It 

received 3 and one-half stars out of 4.) 

Clint Eastwood and Kevin Costner represent the best of Hollywood's stars who 
entertain without sacrificing artistic integrity. In "A Perfect World," their 
reputations remain intact. 



a dance film, is rated G. 
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It received 



5. Nov. 23 1993 18:46 [53 lines] $1.00 
("GEORGE BALANCHINE^S 'NUTCRACKER, 
stars out of 4,) 

A straightforward record of the annual Christmas show staged by the 
New York City Ballet, "George Balanchine's 'Nutcracker/" would have gone 
directly to TV if not for the participation of 

6. Nov. 23 1993 18:46 [60 lines] $1.00 44 

("WE'RE BACK! A DINOSAUR'S STORY,- an animated feature, is rated G. It received 
2 stars out of 4.) 

Kids won't even understand the best joke in the animated "We're Back! A 
Dinosaur's Story." It has to do with a godlike time- and space-traveling 
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In "A Dangerous Women/ Debra Winger sinks deeply into the drab role of 
Martha Horgan, a sheltered innocent living in a small California town. 

Characters like Martha have a way of attracting the storyteller's interst at a 
very precise point in their lives. It is the moment just before the 
character's peaceful existence is ruptured by some seismic force like sex 
or death or a symbolic coming of age. 

"A Dangerous Women" is soap opera enough to churn up all three. 

With Ms. Winger's eerily convincing performance at it's centerpiece, the film 
creates a world of sexual chicanery that would do any television series 
proud. 

Martha is taken care of by aunt Frances (Barbara Hershey), a rich, beautiful 
widow involved in an extramarital affair with a state assemblyman 
(John Terry). That liaison starts off the film with a suitable bang, as the 
assembly's wife (Laurie Metcalf) drunkenly drives her car into the widow's 
front porch as a means of registering her irritation. 

Martha, a fragile creature in a girlish nightgown and thick glasses, 
watches this outburst in bewildered horror. But the film intends it as a 
harbringer of Martha's own act of violence, which is already in the 
works and will serve as 
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COMBINED DECLARATION AND POWER OF ATTORNEY 
As a below named inventor, I hereby declare that: 

My residence, post office address and citizenship are as stated below next to my name, 

I believe I am the original, first and sole inventor (if only one name is listed below) or an original, 
first and joint inventor (if plural names are listed below) of the subjea matter which is claimed and for 
which a patent is sought on the invention entitled DIGITAL ACTIVE ADVERTISING, the specification 
of which 

■ is attached hereto. 

□ was filed on as Application Serial No. 

and was amended on ""^ 

□ was described and claimed in PCT International Application No, 

filed on „ and as amended under PCT Article 19 on 



I hereby state that I have reviewed and understand the contents of the above-identified 
specification, including the claims, as amended by any amendment referred to above. 

I acknowledge the duty to disclose all information I know to be material to patentability in 
accordance with Title 37, Code of Federal Regulations, §1.56(a). 

I hereby appoint the following attorneys and/or agents to prosecute this application and to 
transact all business in the Patent and Trademark Office connected therewith: Gary A. Walpen. Reg. No. 
26,098 . 

Address aU telephone calls to Gary A, Walnert at telephone number 617/542-5070. 

Address all correspondence to Gary A, Walpen. Fish & Richardson, 225 Franklin Street, Boston 
MA 02110-2804. 



I hereby declare that all statements made herein of my own knowledge are true and that aU 
statements made on information and belief are believed to be true; and further that these statements were 
made with the knowledge that willful false statements and the like so made are punishable by fine or 
imprisonment, or both, under Section 1001 of Title 18 of the United States Code and that such willful 
false statements may jeopardize the validity of the application or any patents issued thereon. 

Full Name of Inventor: Davi 



Inventor's Signature: ^ Oc:jlA/t^cx\ / Date:' " VZ^/^l /^'S 

Residence Address: 26 Pigeon Hill Road. Weston. Massachusetts 02193 

Citizen of: U.S.A. 



Post Office Address: 26 Pigeon Hill Road. Weston. Massachusetts 02193 

60S15.BH 



Revised: July 24, 1993 (391DECL.MRG) 



